[sudo-users] auditing the group which gave a user sudo

Ed Neville ed-sudo at s5h.net
Fri May 10 10:19:21 MDT 2019

On Fri, May 10, 2019 at 06:33:59am -0700, Rohit Bansal wrote:
> When i look at syslog, it gives the command and the primary group of 
> the user, but does not give which group policy allowed a user to get 
> sudo. We have tried a run sudo in debug mode as well but even that 
> does not spit out the policy which was evaluated to allow the specific 
> sudo execution.

Try cvtsudoers, there's a post from March relating to this.

Best regards,
Ed http://www.s5h.net/

More information about the sudo-users mailing list